Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

Organizations can now use their SecurID two-factor authentication deployments to secure cloud applications running on Microsoft Windows Active Directory Federation Services (ADFS), RSA Security said.Users will be able to add multi-factor authentication into Office 365 applications, including Microsoft Exchange and Microsoft Azure, and still use Active Directory roles to control authentication for both on-premise applications and cloud systems, EMC-subsidiary RSA Security said Nov. 7.ADFS allows customers to use their Active Directory roles in the cloud to achieve single sign capabilities for corporate networks and the cloud. The fact that ADFS now supports two-factor authentication out of the box adds another level of centralized authentication and authorization to the environment, according to RSA Security.RSA's SecurID token generates a one-time-password every 30 seconds to two minutes. On systems that have SecurID enabled, users have to first enter their username and password, and then the generated one-time-password to gain access. This integration would allow Azure developers to build applications that use SecurID to handle authentication.Organizations can use the hardware token that's already deployed in the enterprise, Karen Kiffney, a senior product marketing manager at RSA, told eWEEK.This isn't the first time RSA partnered up with Microsoft. The two companies have teamed up in the past to protect data loss prevention tools and data classification service.RSA is trying to convince customers to stick with SecurID even after the data breach that damaged two-factor authentication technology's reputation earlier this year. Unknown attackers managed to breach RSA's corporate networks using a combination of malware, zero-day vulnerabilities and social engineering to steal information related to SecurID. There are over 40 million people in at least 30,000 organizations worldwise using the technology.As a result of the attack on RSA, IT security professionals were considering moving away from hardware-based two-factor authentication tokens such as SecurID toward risk-based authentication and software-based tokens, Andras Cser, a principal analyst with Forrester Research wrote in a research note.The fact that Microsoft chose RSA to protect its cloud environment with SecurID was validation that the company has moved beyond the incident, a RSA spokesperson said. The company has offered to replace tokens, made some changes to its manufacturing process, and the breach was a "one time event," Kiffney said.Customers are more curious about what RSA learned as a result of the breach, and what tactics they should be using, Phil Aldrich, RSA's senior product marketing manager, told eWEEK. "Customers see that we detected and stopped the attack as it was happening and want to know how to do that," Aldrich said.The integration is available for no extra fee for all SecurID users and there's no additional work needed to get this to work. "It just will work out of the box," Kiffney said. If the customer is already a SecurID customer, then they know it's going to work with everything, regardless of whether it's in the cloud in Azure, or on-premise.RSA made a similar announcement for Citrix Receiver. Organizations were using Citrix Receiver in a virtual application delivery environment and protecting the session with usernames and passwords. Citrix Receiver can be used with Windows, Mac and Linux desktops and laptops, think clients, and mobile devices running Apple iOS, Google Android, or Research in Motion phones, according to RSA.In the past, organizations who wanted to use SecurID on Citrix Receiver would have to switch to the software token app on the mobile device to obtain the one-time password. Now the software is part of a software developer kit (SDK) that allows the application that called the software token to obtain the passcode in the background automatically.This capability is available in Citrix Receiver, Juniper JUNOS Pulse and VMware View, RSA said. In order to prevent Citrix session hijacking, the authentication technology is now built into the receiver."Hackers have to jump through much bigger hoops to abuse an identity and get to data since that data doesn't exist by default on the device itself," Sam Curry, CTO of RSA Security, wrote on the blog.

By submitting your information, you agree that eweek.com may send you eWEEK offers via email, phone and text message, as well as email offers about other products and services that eWEEK believes may be of interest to you. eWEEK will process your information in accordance with the Quinstreet Privacy Policy.

We ran into a problem

We already have your email address on file. Please use the "Forgot your password?" link to create a password, validate your email and login.